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© Data storage medium access verification system. 

(§7) A verification system is used to deny a data 
processing unit (C) unauthorised access to data 
stored in a data storage medium. The verifi- 
cation system includes a verification program 
(V) which causes the data processing unit to 
generate a first authentication code and an 
authorisation code, bearing a first predeter- 
mined relationship to the first authentification 
code. The verification program enables the data 
processing unit to access the data in the data 
storage medium provided a second authentifi- 
cation code, bearing a second predetermined 
relationship to the first authentification code is 
input to the data processing unit A remote 
processor (P) derives the second authentifi- 
cation code from the authorisation code. The 
second authorisation code can be received 
from, and the authorisation code supplied to, 
the remote processor (P) over a telephone link. 
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1 EPO< 

This invention relates to a verification system for 
denying a data processing unit unauthorised access 
to data stored in a data storage medium. The inven- 
tion relates particularly, though not exclusively, to a 
verficiation system used to deny a games computer 
unauthorised access to a computer game or games 
stored in a games cassette, disc or cartridge, and 
especially pirated copies of such games. 

Such verification systems are known; however, 
they are inconvenient in that they usually involve mod- 
ifying both the data storage medium and the data pro- 
cessing unit into which the data storage medium is 
loaded. 

According to the invention there is provided a 
verification system for denying a data processing unit 
unauthorised access to data stored in a data storage 
medium, comprising 

verification means, provided In the data storage 
medium, for causing the data processing unit to gen- 
erate a first authentication code and an authorisation 
code bearing a first predetermined relationship to the 
first authentification code, either the first authentifi- 
cation code or the authorisation code being generated 
randomly or pseudo-randomly, and for enabling the 
data processing unit to access the data stored in the 
data storage medium provided a second authentifi- 
cation code, bearing a second predetermined rela- 
tionship to the first authentification code, is in put to the 
data processing unit, 

processing means, remote from the data processing 
unit, capable of deriving the second authentification 
code from the authorisation code, 
and means enabling the authorisation code to be sup- 
plied to, and the corresponding second authentifi- 
cation code to be received from, the processing 
means, whereby the second authentification code is 
made available for Input to the data processing means 
so that the data stored In the data storage medium can 
be accessed. 

The verification means may be a verification pro- 
gram stored in the data storage medium. 

The second authentification code, which is 
needed in order to access the stored data, cannot be 
deduced from the authorisation code alone, and must 
be obtained from the processing means. In this way, 
the verification system can exercise control over the 
use of the data stored In the data storage medium. 

The inter-relationship of the codes may take a 
variety of alternative forms. 

In a preferred embodiment of the invention, the 
authorisation code and the first authentification code 
are the same. In these circumstances, the second 
authentification code, derived by the remote proces- 
sing means, may be an encryption of the authorisation 
code, and the verification program causes the data 
processing unit to derive the same encryption of the 
first authentification code and to compare the resul- 
tant code with the second authentification code 
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(which should be identical to the resultant code) to 
determine whether or not the said predetermined rela- 
tionship exists. Alternatively, the verification program 
could cause the data processing unit to derive the in- 
5 verse-encryption of the second authentification code 
and compare the resultant code with the first authen- 
tification code - again the compared codes should be 
the same. 

In another example, the authorisation code may 

w be derived from the first authentification code. More 
specifically, the authorisation code may be an encryp- 
tion of the first authentification code and the second 
authentification code, derived by the processing 
means, may be the inverse encryption of the authori- 

15 sation code. 

Alternatively, the first authentification code may 
be derived from the authorisation code. In this case, 
the first authentification code may be an encryption of 
the authorisation code and the second authentift- 

20 cation code may be the same encryption of the 
authorisation code. 

In a preferred embodiment of the verification sys- 
tem, the enabling means is arranged to monitor the 
supply and reception of the codes and to that end the 

25 enabling means may be part of a telecommunications 
network. More specifically, the enabling means may 
include a telephone line by which the user of the data 
processing unit can transmit the authorisation code 
to, and receive the second authentification code from, 

30 the processing means. The user could, for example, 
transmit the authorisation code as a succession of 
tonal or pulsed signals which he generates by dialling 
the code, or alternatively by voice. 

Calls made on the telephone line are, of course, 

35 monitored so that the network operator can levy an 
appropriate charge on the caller and, by arrangement, 
a proportion of the charge levied will be received by 
the provider of the verification system. 

Since, in this embodiment of the Invention, the 
40 second authentification code can only be obtained via 
the telephone line, the verification system provides a 
means by which revenue can be earned whenever 
access to the data stored in the data storage medium 
is granted. 

45 The verification system may be used to control 

access to pirated copies of data. 

In an embodiment of the invention, the vertifi- 
cation system is operable to deny access by the data 
processing unit to data stored in the data storage 

so medium whenever the stored data is a copy, and the 
verification means causes the data processing unit to 
generate said first authentification code and said 
authorisation code when the data processing unit rec- 
ognises the data stored in the data storage medium 

55 as being a copy. 

In a particular, though not exclusive, application 
of the verification system, the data processing unit is 
a games computer, the data storage media is a games 
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cassette, disc or cartridge and the data stored in the 
data storage medium is a computer game; for 
example, a pirated computer game. 

According to a further aspect of the invention, 
there is provided a method for denying a data proces- 
sing unit unauthorised access to data stored in a data 
storage medium, comprising the steps of 
generating a first authentification code, 
generating an authorisation code, bearing a first pre- 
determined relationship to the first authentification 
code, either the first authentification code or the 
authorisation code being generated randomly or 
pseudo- randomly, 

enabling a second authentification code to be derived 
from the authorisation code remotely from the data 
processing unit, 

denying the data processing unit access to the data 
stored in the data storage unit unless the second 
authentification code bears a second predetermined 
relationship to the first authentification code. 

The enabling step may include supplying the 
authorisation code to, and receiving the second 
authentification code from a remote processing 
means via a telecommunications link. 

A verification system according to the invention is 
now described with reference to the accompanying 
drawing which shows a schematic representation of 
the system. 

The verification system to be described is for use 
with a games computer loaded with a games cassette, 
disc or cartridge, and is intended to deny the games 
computer unauthorised access to a computer game or 
games stored in the cassette, disc or cartridge. 

However, it will be appreciated that the invention 
is applicable to other kinds of data processing unit, 
such as a word processor for example, which is 
loaded with software stored on a suitable data storage 
medium, such as a cassette, disc or cartridge. 

In this particular implementation of the Invention, 
the verification system is used to exercise control over 
the use of pirated copies of computer games and, in 
effect, enables the provider of the system to levy a 
charge whenever a copy is used. 

A variety of different schemes are available for 
detecting copies. A pirated copy of a computer game 
will normally contain less detail than the original and 
the disc drive of the games computer can be suitably 
programmed to detect this difference, if a copy is 
detected the verification system will become opera- 
tive. 

Referring now to the drawing, the verification sys- 
tem comprises a verification program V which is 
stored in the games cassette, disc or cartridge loaded 
into the user's games computer C, and the system 
also comprises a remote data processor P and a tele- 
communications link L by which the user can transmit 
data to, and receive data from, the remote data pro- 
cessor P. 


Initially, the verification program V causes the 
games computer to generate a first authentification 
code and to perform a preset calculation on this code 
to generate an authorisation code. 

5 In this particular implementation, the first authen- 

tification code is a random number which is generated 
by a suitable algorithm in the verification program and 
the authorisation code Is an encryption of this number. 
Alternatively, the first authentification code could be a 

10 pseudo-random number derived from a look-up table 
in the verification program. 

The user is denied access to the first authentifi- 
cation code but is granted access to the authorisation 
code, and to that end the authorisation code is dis- 

15 played on the user's VDU. 

The VDU also displays additional information tel- 
ling the user what further steps need to be taken in 
order to access the game stored in the cassette, disc 
or cartridge. 

20 In this example, the user is required to transmit 

the authorisation code to the remote processor P and 
this is accomplished via the telecommunications link 
L. The VDU displays the relevant telephone number 
enabling the user to make the connection to the pro- 
25 cessor P. The processor is arranged to respond to 
tonal or pulsed signals transmitted over the telephone 
line and so, once the connection has been made, the 
user is able to transmit the authorisation code to the 
processor by simply dialling the code on this tele- 
30 phone. Alternatively, it would be possible to transmit 
the authorisation code by voice. 

The processor P performs the inverse-encryption 
on the received code in order to generate a second 
authentification code (which in this example is idenfi- 
35 cal to the first authentification code) and this is trans- 
mitted back to the user via the telephone line. The 
user then inputs the second authorisation code to the 
games computer where it Is compared with the first 
authorisation code. Provided the compared codes are 
40 the same, access to the computer game is granted. 

It will be appreciated that the second authentifi- 
cation code, which is needed in order to access the 
computer game, cannot be deduced from the authori- 
sation code alone, and must be obtained from the 
45 data processor P via the telecommunications link L 
Each time a connection is made using the telecom- 
munications link L, the network operator levies a 
charge on the user and, by arrangement with the 
operator, a proportion of the charge levied will be 
so received by the provider of the verification system. 

This facility, whereby the provider of a service 
receives a proportion of the charge ievied by the net- 
work operator is available in the United Kingdom and 
many other countries and special telephone lines are 
55 allocated for the purpose. 

It will be appreciated, therefore, that this imple- 
mentation of the verification system provides a means 
by which revenue can be earned whenever access to 
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a pirated game is granted. 

It will be appreciated that the inter-relationship of 
the authorisation code and the first and second 
authentification codes may take a variety of alterna- 
tive forms. 

Thus, for example, the authorisation code and the 
first authentification code could be Identical. In this 
case, the data processor would encrypt the authoris- 
ation code In order to generate the second authentifi- 
cation code and the games console would perform the 
same encryption on the first authentification code and. 
check that the resultant code is the same as the sec- 
ond authentification code. Alternatively, the games 
computer could perform the inverse encryption on 
second authentification code and check that the resul- 
tant code is the same as the first authentification code. 

In an alternative Implementation, the first authen- 
tification code could be an encryption of the authoris- 
ation code, and In this case, the data processor P 
could perform the same encryption on the authoris- 
ation code in order to generate the second authentifi- 
cation code. The games computer would then check 
that the first and second authentification codes are the 
same. 

It will be understood that although the above- 
identified embodiments require the user to supply 
data to, and receive data from the remote data pro- 
cessor P via the telecommunications link L, this need 
not necessarily be so. In an alternative arrangement, 
the telecommunications link L could be connected 
directly to the user's games computer via a suitable 
interface, such as a modem, for example, which could 
form a part of the user's computer. 

It will be appreciated that a system of the kind 
described could be so programmed as to allow access 
by the data processing unit to data stored in a data 
storage medium for the duration of a specified session 
or sessions, or for the duration of a preset time or use 
period or to perform only a specified operation or 
specified operations within the programme. 

Thus, in the case of a data processing unit in the 
form of a word processor, for example, the charge 
levied might, in effect, be based on the number of 
words used or the number of days the processor is in 
use. In the case of a computer games system, the 
charge levied may be based on a parameter in the 
game, such as the expiry of a set number of lives of 
a player (such as the main character). 

In a further embodiment of the Invention, the veri- 
fication system could be used to exercise control over 
the use of original (i.e. uncopied) software, such as 
might be stored in a mass data storage medium e.g. 
a compact disc. Currently, the cost of purchasing such 
software is set relatively high to enable the software 
publisher to recoup at least some of the revenue that 
might otherwise be lost due to unauthorised copying 
of the original software, and this might deter a poten- 
tial purchaser from purchasing the software particu- 
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larly if he has only a limited need for the software or 
if he is uncertain as to the suitability of the software 
to his needs. A verification system in accordance with 
the invention enables the software publisher to 
recoup revenue on the basis of the actual use made 
by the purchaser of the software, allowing the 
publisher to distribute the software at a relatively tow 
cost. 


Claims 


1, A verification system for denying a data proces- 
sing unit unauthorised access to data stored in a 

15 data storage medium, comprising 

a verification means, provided in the data 
storage medium, for causing the data processing 
unit to generate a first authentification code and 
an authorisation code bearing a first predeter- 

20 mined relationship to the authentification 

code, either the first authentification code or the 
authorisation code being generated randomly or 
pseudo-randomly, and for enabling the data pro- 
cessing unit to access the data stored in the data 

25 storage medium provided a second authentifi- 

cation code, bearing a second predetermined 
relationship to the first authentification code, is 
input to the data processing unit, 

processing means, remote from the data 

30 processing unit, capable of deriving the second 

authentification code from the authorisation code, 
means enabling the authorisation code to 
be supplied to, and the corresponding second 
authentification code to be received from, the pro- 

35 cessing means whereby the second authentifi- 

cation code is made available for input to the data 
processing unit so that the data stored in the data 
storage medium can be accessed. 

40 2. A verification system as claimed in claim 1 , whe- 
rein the verification means is a verification prog- 
ram stored in the data storage medium. 

3. A verification system as claimed in claim 1 or 
45 claim 2, wherein the authorisation code is derived 

from the first authentification code or vica versa. 

4. A verification system as claimed in claim 3, whe- 
rein the authorisation code is an encryption of the 

so first authentification code and the second authen- 

tification code, derived by the processing means, 
is the reverse-encryption of the authorisation 
code. 

55 5. A verification system as claimed in claim 3, whe- 
rein the first authentification code is an encryption 
of the authorisation code and the second authen- 
tification code, derived by the processing means, 
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is the same encryption of the authorisation code. 

6. A verification system as claimed in any one of 
claims 1 to 5, wherein the first and second 
authentification codes or the authorisation code 
and the first authentification code are identical. 

7. A verification system as claimed in claim 6, whe- 
rein the second authentification code, derived by 
the processing means, is an encryption of the 
authorisation code, and the verification program 
causes the data processing unit to derive the in- 
verse-encryption of the second authentification 
input thereto and to compare the resultant code 
with the first authentification code whereby to 
determine whether or not the second predeter- 
mined relationship exists. 

8. A verification system as claimed In claim 6, whe- 
rein the second authentification code, derived by 
the processing means, is an encryption of the 
authorisation code, and the verification program 
causes the data processing unit to derive the 
inverse encryption of the first authentification 
code and to compare the resultant code and the 
second authentification code whereby to deter- 
mine whether or not the second predetermined 
relationship exists. 

9. A verification system as claimed in any one of 
claims 1 to 8, wherein the enabling means is 
arranged to monitor the supply and reception of 
the codes. 

10. A verification system as claimed in claim 9 f whe- 
rein the enabling means is part of a telecommuni- 
cations network. 

1 1 . A verification system as claimed in claim 10, whe- 
rein the enabling means includes a telephone line 
by which the user of the data processing unit can 
transmit the authorisation code to, and receive 
the second authentification code from, the pro- 
cessing means. 

1 2. A verification system as claimed in claim 1 1 , whe- 
rein the authorisation code is transmitted along 
the telephone line as a succession of tonal or 
pulsed signals. 

13. A verification system as claimed in any preceding 
claim for denying the data processing unit 
unauthorised access to data stored in the data 
storage medium if the stored data is a pirated 
copy of an original of the data. 

14. A verification system as claimed in any preceding 
claim, wherein data processing unit is a games 


computer, the data storage medium is a games 
cassette, disc or cartridge and the data stored in 
the data storage medium is a computer game or 
games. 

5 

15. A method for denying a data processing unit 
unauthorised access to data stored In a data stor- 
age medium, comprising the steps of 

generating a first authentification code, 
10 generating an authorisation code bearing 

a first predetermined relationship to the first 
authentification code, either the first authentifi- 
cation code or the authorisation code being gen- 
erated randomly or pseud orandomly, 
15 enabling a second authentification code to 

be derived from the authorisation code remotely 
from the data processing unit, and 

denying the data processing unit access to 
the data stored In the data storage unit unless the 
20 second authentification code bears a second pre- 

determined relationship to the first authentifi- 
cation code. 

16. A method as claimed in claim 15, wherein the 
25 enabling step includes supplying the authoris- 
ation code to, and receiving the second authenti- 
fication code from a remote processing means via 
a telecommunications link. 

30 
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